Securing Android app markets via modeling and predicting malware spread between markets
The Android ecosystem has recently dominated mobile devices. Android app markets, including official Google Play and other third party markets, are becoming hotbeds, where malware originates and spreads. Android malware has been observed to both propagate within markets and spread between markets. I...
Saved in:
Main Authors: | , , , , |
---|---|
Other Authors: | |
Format: | Article |
Language: | English |
Published: |
2021
|
Subjects: | |
Online Access: | https://hdl.handle.net/10356/150817 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Nanyang Technological University |
Language: | English |
id |
sg-ntu-dr.10356-150817 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-1508172021-08-01T13:11:37Z Securing Android app markets via modeling and predicting malware spread between markets Meng, Guozhu Patrick, Matthew Xue, Yinxing Liu, Yang Zhang, Jie School of Computer Science and Engineering Engineering::Computer science and engineering Malware Spread Prediction Epidemic Model The Android ecosystem has recently dominated mobile devices. Android app markets, including official Google Play and other third party markets, are becoming hotbeds, where malware originates and spreads. Android malware has been observed to both propagate within markets and spread between markets. If the spread of Android malware between markets can be predicted, market administrators can take appropriate measures to prevent the outbreak of malware and minimize the damages caused by malware. In this paper, we make the first attempt to protect the Android ecosystem by modeling and predicting the spread of Android malware between markets. To this end, we study the social behaviors that affect the spread of malware, model these spread behaviors with multiple epidemic models, and predict the infection time and order among markets for well-known malware families. To achieve an accurate prediction of malware spread, we model spread behaviors in the following fashion: 1) for a single market, we model the within-market malware growth by considering both the creation and removal of malware; 2) for multiple markets, we determine market relevance by calculating the mutual information among them; and 3) based on the previous two steps, we simulate a susceptible infected model stochastically for spread among markets. The model inference is performed using a publicly available well-labeled dataset AndRadar. To conduct extensive experiments to evaluate our approach, we collected a large number (334,782) of malware samples from 25 Android markets around the world. The experimental results show our approach can depict and simulate the growth of Android malware on a large scale, and predict the infection time and order among markets with 0.89 and 0.66 precision, respectively. This work was supported in part by the International Cooperation Program on Cyber Security, administered by SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China, under Grant SNHTBH-2017110681. The work of Y. Xue was supported by the CAS (Chinese Academy of Sciences) Pioneer Hundred Talents Program of China. 2021-08-01T13:11:36Z 2021-08-01T13:11:36Z 2019 Journal Article Meng, G., Patrick, M., Xue, Y., Liu, Y. & Zhang, J. (2019). Securing Android app markets via modeling and predicting malware spread between markets. IEEE Transactions On Information Forensics and Security, 14(7), 1944-1959. https://dx.doi.org/10.1109/TIFS.2018.2889924 1556-6013 0000-0001-6388-2571 0000-0002-2979-7151 0000-0001-7300-9215 https://hdl.handle.net/10356/150817 10.1109/TIFS.2018.2889924 2-s2.0-85059260530 7 14 1944 1959 en IEEE Transactions on Information Forensics and Security © 2018 IEEE. All rights reserved. |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
Engineering::Computer science and engineering Malware Spread Prediction Epidemic Model |
spellingShingle |
Engineering::Computer science and engineering Malware Spread Prediction Epidemic Model Meng, Guozhu Patrick, Matthew Xue, Yinxing Liu, Yang Zhang, Jie Securing Android app markets via modeling and predicting malware spread between markets |
description |
The Android ecosystem has recently dominated mobile devices. Android app markets, including official Google Play and other third party markets, are becoming hotbeds, where malware originates and spreads. Android malware has been observed to both propagate within markets and spread between markets. If the spread of Android malware between markets can be predicted, market administrators can take appropriate measures to prevent the outbreak of malware and minimize the damages caused by malware. In this paper, we make the first attempt to protect the Android ecosystem by modeling and predicting the spread of Android malware between markets. To this end, we study the social behaviors that affect the spread of malware, model these spread behaviors with multiple epidemic models, and predict the infection time and order among markets for well-known malware families. To achieve an accurate prediction of malware spread, we model spread behaviors in the following fashion: 1) for a single market, we model the within-market malware growth by considering both the creation and removal of malware; 2) for multiple markets, we determine market relevance by calculating the mutual information among them; and 3) based on the previous two steps, we simulate a susceptible infected model stochastically for spread among markets. The model inference is performed using a publicly available well-labeled dataset AndRadar. To conduct extensive experiments to evaluate our approach, we collected a large number (334,782) of malware samples from 25 Android markets around the world. The experimental results show our approach can depict and simulate the growth of Android malware on a large scale, and predict the infection time and order among markets with 0.89 and 0.66 precision, respectively. |
author2 |
School of Computer Science and Engineering |
author_facet |
School of Computer Science and Engineering Meng, Guozhu Patrick, Matthew Xue, Yinxing Liu, Yang Zhang, Jie |
format |
Article |
author |
Meng, Guozhu Patrick, Matthew Xue, Yinxing Liu, Yang Zhang, Jie |
author_sort |
Meng, Guozhu |
title |
Securing Android app markets via modeling and predicting malware spread between markets |
title_short |
Securing Android app markets via modeling and predicting malware spread between markets |
title_full |
Securing Android app markets via modeling and predicting malware spread between markets |
title_fullStr |
Securing Android app markets via modeling and predicting malware spread between markets |
title_full_unstemmed |
Securing Android app markets via modeling and predicting malware spread between markets |
title_sort |
securing android app markets via modeling and predicting malware spread between markets |
publishDate |
2021 |
url |
https://hdl.handle.net/10356/150817 |
_version_ |
1707050423875010560 |